Become a Sumo Security User
Security Certification
Sumo Logic Confidential
Become a Sumo Security Power User
1. Learn How Security Analytics works for you
2. Develop a Toolset for Basic and Advanced Analytics
3. Monitor Trends & Critical Events
4. Learn about Sumo’s Security and Compliance Apps
5. Next steps: where do you go from here?
Tutorial: Hands-on Exercises
Training Environment:
1. service.sumologic.com
2. The username and password are on your handout
Security Hands-on Labs:
● sumologic.com/learn/certifications
Sumo Logic Security Analytics
Real-time insights for streamlined Compliance and Security
• Meet compliance deadlines
• Reduce security risks
• Identify potential security breaches
• Neutralize new threat patterns
• Transform reactive, manual processes into integrated, proactive, automated ones
Automate Threat Detection
• Detect threats across microservices, container services, cloud-based
technology, operating systems, applications, storage devices, servers,
workstations, and more.
Examples of Security Use Cases
• Monitor “Root” Logins
• Monitor Multiple Failed Logins
• Monitor Web Activity
• Monitor Ingress/Egress Rules
• Identify publicly exposed Security Group (0.0.0.0/0 with <open port>)
• Identify Services out of Compliance (no patches in “n” days)
• Identify Application Threats (Libraries, Botnets, compromised credentials)
• Monitor Malicious Threats and IOCs
➢ What’s your use case?
Filter and Provide Structure
Search and Parse
Search and Parse
Search and Filter your data
• _metadata
• Keywords
• Live Tail
Parse fields to provide structure to your data
• Query Parsing
• Implement your Field Extraction Rules
Security Certification: Hands-on Labs
Labs 1-3: Search and Parse
• Search Basics: Metadata and Keywords
• Parsing Operators and Options
• Grouping Results
• Field Extraction Rules
Security Analytics
Conditional Logic, Filtering,
Formatting Results
Simple Analytics
Review ⇨ Query Syntax
Keywords and operators, separated by pipes, that build on top of each other:
metadata keywords | parse | filter | aggregate | format
Simple Analytics
Aggregation: | count | sum | avg | min() | max()
Conditional: | if() | matches | in() | filter | where
Formatting: | transpose | fields | limit | sort by | top
Cheat Sheet: Community ⇨ Learn Tab
Security Certification: Hands-On Labs
Lab 4A: Monitor AWS Root Account Usage
Community > Query Library > Security-related Queries for AWS
Security Analytics
Building a security query:
1. Filter using metadata and keywords
2. Parse key fields
3. Perform additional parsing on key fields
4. Don't drop messages that do not match parse criteria (nodrop)
5. Further filter results
6. Aggregate by desired fields
Security Certification: Hands-On Labs
Lab 4B: Monitor Security Groups Created
Community > Query Library > Security-related Queries for AWS
Security Analytics
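The two CloudTrail labs above (root account usage, security groups created) and the "publicly exposed Security Group" use case from the earlier list follow the same parse ⇨ filter ⇨ aggregate pattern. The Python below is an added example, not code from this deck or from Sumo Logic: it replays that pipeline offline over constructed CloudTrail-shaped records so the detection logic can be checked before it is written as a query. The account ID, group ID and IP addresses are made up, and the `requestParameters` layout is an approximation of the AuthorizeSecurityGroupIngress record.

```python
"""Root-account usage and world-open security-group detection over CloudTrail.

Added example, not from the Sumo Logic deck. Reimplements the
parse -> filter -> aggregate pipeline of Labs 4A/4B in plain Python.
All records below are constructed samples in the CloudTrail record shape.
"""
import ipaddress
import json
from collections import Counter


def _sg_event(user, proto, from_port, to_port, cidr):
    """Build a constructed AuthorizeSecurityGroupIngress record (approximate layout)."""
    return json.dumps({
        "eventName": "AuthorizeSecurityGroupIngress",
        "eventSource": "ec2.amazonaws.com",
        "userIdentity": {"type": "IAMUser", "userName": user, "accountId": "111122223333"},
        "sourceIPAddress": "203.0.113.9",
        "requestParameters": {
            "groupId": "sg-0abc",
            "ipPermissions": {"items": [{
                "ipProtocol": proto, "fromPort": from_port, "toPort": to_port,
                "ipRanges": {"items": [{"cidrIp": cidr}]}}]}}})


# Constructed sample lines, one JSON record per line as a collector would deliver them.
SAMPLE_LINES = [
    json.dumps({"eventName": "ConsoleLogin", "eventSource": "signin.amazonaws.com",
                "userIdentity": {"type": "Root", "accountId": "111122223333"},
                "sourceIPAddress": "198.51.100.7",
                "responseElements": {"ConsoleLogin": "Success"}}),
    json.dumps({"eventName": "ConsoleLogin", "eventSource": "signin.amazonaws.com",
                "userIdentity": {"type": "IAMUser", "userName": "alice",
                                 "accountId": "111122223333"},
                "sourceIPAddress": "203.0.113.9",
                "responseElements": {"ConsoleLogin": "Success"}}),
    _sg_event("bob", "tcp", 22, 22, "0.0.0.0/0"),     # SSH opened to the world
    _sg_event("bob", "tcp", 443, 443, "10.0.0.0/8"),  # internal range, not a finding
    "this line is not JSON",                          # malformed input must not crash the pipeline
]


def get_path(record, path, default=None):
    """Dotted-path getter; a missing key yields `default` instead of dropping the record (nodrop)."""
    cur = record
    for key in path.split("."):
        if not isinstance(cur, dict) or key not in cur:
            return default
        cur = cur[key]
    return cur


def parse_events(lines):
    """Decode JSON records, skipping lines that are not JSON objects."""
    for line in lines:
        try:
            rec = json.loads(line)
        except ValueError:
            continue
        if isinstance(rec, dict):
            yield rec


def root_activity(events):
    """Lab 4A: count root-account API calls by (eventName, sourceIPAddress)."""
    counts = Counter()
    for rec in events:
        if get_path(rec, "userIdentity.type") == "Root":
            counts[(rec.get("eventName"), rec.get("sourceIPAddress"))] += 1
    return counts


def is_world_open(cidr):
    """True for any /0 network (0.0.0.0/0 or ::/0); False for narrower or invalid CIDRs."""
    try:
        return ipaddress.ip_network(cidr, strict=False).prefixlen == 0
    except ValueError:
        return False


def world_open_ingress(events):
    """Lab 4B / use case: (groupId, protocol, fromPort, toPort, cidr) for rules open to the world."""
    findings = []
    for rec in events:
        if rec.get("eventName") != "AuthorizeSecurityGroupIngress":
            continue
        group = get_path(rec, "requestParameters.groupId")
        for perm in get_path(rec, "requestParameters.ipPermissions.items", []):
            ranges = get_path(perm, "ipRanges.items", []) + get_path(perm, "ipv6Ranges.items", [])
            for r in ranges:
                cidr = r.get("cidrIp") or r.get("cidrIpv6")
                if is_world_open(cidr):
                    findings.append((group, perm.get("ipProtocol"),
                                     perm.get("fromPort"), perm.get("toPort"), cidr))
    return findings


if __name__ == "__main__":
    evs = list(parse_events(SAMPLE_LINES))
    print("root activity:", dict(root_activity(evs)))
    print("world-open ingress:", world_open_ingress(evs))
```

`is_world_open` checks the prefix length rather than the literal string `0.0.0.0/0`, so it also catches `::/0` and oddly written equivalents; that is the check worth carrying into the query or the alert condition.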
Security Certification: Hands-On Labs
Lab 4C: Monitor “Impossible Travel” scenario
Community > Query Library > Security-related Queries for AWS
Security Analytics
Outliers, Trends,
Needle in the Haystack
Advanced Analytics
Advanced Analytics
Find the "needle in the haystack" by identifying patterns, and compare today's patterns with patterns in the past.
_sourceCategory=Labs/security/snort
| logreduce
LogReduce ➜ New security attacks/breaches.
_sourceCategory=Labs/security/snort
| logcompare -24h
LogCompare ➜ Compare attacks/breaches to other time periods.
Advanced Analytics
_sourceCategory=Labs/AWS/CloudTrail
| parse ""eventName":"*"" as eventName nodrop
| parse ""responseElements":{"ConsoleLogin":"*"}" as loginResult nodrop
| where eventName="ConsoleLogin" and loginresult="Failure"
| timeslice 30m
| count(eventName) as failed_login_attempts by _timeslice
| outlier failed_login_attempts
_sourceCategory=Labs/security/Proofpoint and Mexico
| timeslice 5m
| count as rogue_traffic by _timeslice
| predict rogue_traffic by 5m forecast=12
Outlier ➜ Anomalies in number of Failed Logins
Predict ➜ Traffic from a Rogue Country/State
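To see what `timeslice | count | outlier` and `timeslice | count | predict` are doing, here is an added Python example (not code from the deck or from Sumo Logic) that buckets constructed ConsoleLogin failures into 30-minute slices, flags a bucket as an outlier when it exceeds the mean plus k standard deviations of the preceding buckets, and forecasts the next buckets with a least-squares line. The outlier rule and the forecast are plain implementations of the idea, not Sumo Logic's own algorithms, and the timestamps and counts are constructed.

```python
"""Timeslice, outlier and forecast over constructed CloudTrail login failures.

Added example, not from the Sumo Logic deck. The outlier rule (mean + k*stddev
over a trailing window) and the linear forecast are simple stand-ins for the
platform operators; events and timestamps are constructed.
"""
from datetime import datetime, timedelta, timezone
from statistics import mean, pstdev

SLICE = timedelta(minutes=30)
T0 = datetime(2018, 10, 1, 0, 0, tzinfo=timezone.utc)


def _failures(per_slice):
    """Build (timestamp, eventName, loginResult) tuples: per_slice[i] failures in slice i,
    plus one success per slice so the filter has something to discard."""
    events = []
    for i, n in enumerate(per_slice):
        for j in range(n):
            events.append((T0 + i * SLICE + timedelta(seconds=j), "ConsoleLogin", "Failure"))
        events.append((T0 + i * SLICE + timedelta(seconds=90), "ConsoleLogin", "Success"))
    return events


# Constructed: eleven slices of background noise (2-4 failures) followed by a burst of 40.
SAMPLE_EVENTS = _failures([3, 2, 4, 3, 2, 3, 4, 2, 3, 3, 2, 40])


def timeslice(events, width=SLICE):
    """Count failed ConsoleLogin events per bucket, like `timeslice 30m | count by _timeslice`."""
    counts = {}
    for ts, name, result in events:
        if name != "ConsoleLogin" or result != "Failure":
            continue
        bucket = T0 + ((ts - T0) // width) * width
        counts[bucket] = counts.get(bucket, 0) + 1
    return sorted(counts.items())


def outliers(series, window=6, k=3.0):
    """Flag buckets whose count exceeds mean + k*stddev of the `window` preceding buckets.
    Returns (bucket, count, threshold) for each flagged bucket."""
    flagged = []
    values = [v for _, v in series]
    for i in range(window, len(series)):
        hist = values[i - window:i]
        threshold = mean(hist) + k * pstdev(hist)
        if values[i] > threshold:
            flagged.append((series[i][0], values[i], round(threshold, 2)))
    return flagged


def predict(series, steps):
    """Least-squares linear forecast of the next `steps` bucket counts (floored at 0)."""
    ys = [v for _, v in series]
    n = len(ys)
    if n < 2:
        return [float(ys[0]) if ys else 0.0] * steps
    x_bar, y_bar = (n - 1) / 2, mean(ys)
    sxx = sum((x - x_bar) ** 2 for x in range(n))
    slope = sum((x - x_bar) * (y - y_bar) for x, y in zip(range(n), ys)) / sxx
    intercept = y_bar - slope * x_bar
    return [max(0.0, round(intercept + slope * (n + s), 2)) for s in range(steps)]


if __name__ == "__main__":
    series = timeslice(SAMPLE_EVENTS)
    for bucket, count, threshold in outliers(series):
        print(f"outlier at {bucket:%H:%M}: {count} failures (threshold {threshold})")
    print("forecast:", predict(series[:-1], 3))
```

The trailing window is what makes the alert self-calibrating: a noisy tenant raises its own threshold. The cost is that a slow ramp of failures also raises the threshold, which is why the time-compare check on the next slide is a useful second signal.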
Advanced Analytics
_sourceCategory=Labs/PaloAltoNetworks and ",TRAFFIC,"
| where action="deny"
| count action
| compare with timeshift 15m 4 avg
| if(isNull(_count), 0, _count) as _count
| if(isNull(_count_60m_avg), 0, _count_60m_avg) as _count_60m_avg
| where _count>(5 * _count_60m_avg)
_sourceCategory=Labs/PaloAltoNetworks and ",TRAFFIC,"
| lookup latitude, longitude, country_code, country_name, city from geo://location on ip=dest_ip
| where country_code<>"US"
| count by latitude, longitude, country_code, country_name, city
Time Compare ➜ Identify a 5-fold increase in Denied Traffic
Geo Lookup ➜ Traffic Destinations outside the US
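The `compare with timeshift 15m 4 avg` query above alerts when the current count is more than five times the average of the four preceding 15-minute windows; the two `isNull` lines matter because a window with no denied traffic would otherwise be null and the final `where` would silently discard it. The Python below is an added example, not code from the deck or from Sumo Logic, that reproduces that check over constructed firewall lines. The line format is a simplified comma-separated form that keeps only the fields the check needs, not the full PAN-OS TRAFFIC log layout; IPs and times are made up.

```python
"""Current denied-traffic count versus the average of the four preceding windows.

Added example, not from the Sumo Logic deck. Models `count | compare with
timeshift 15m 4 avg | isNull -> 0 | where _count > 5 * avg` over constructed,
simplified firewall lines.
"""
from datetime import datetime, timedelta, timezone

WINDOW = timedelta(minutes=15)
NOW = datetime(2018, 10, 1, 12, 0, tzinfo=timezone.utc)


def _line(minutes_ago, action):
    """Constructed line: <timestamp>,TRAFFIC,<src>,<dst>,<action> (simplified, not real PAN-OS)."""
    ts = (NOW - timedelta(minutes=minutes_ago)).strftime("%Y/%m/%d %H:%M:%S")
    return f"{ts},TRAFFIC,10.0.0.5,203.0.113.9,{action}"


# Constructed: two denies in each of the four baseline windows, then 13 denies in the current one.
SAMPLE_LINES = (
    [_line(m, "deny") for m in (70, 65, 55, 50, 40, 35, 25, 20)]
    + [_line(m, "allow") for m in (66, 44, 22, 11)]
    + [_line(m, "deny") for m in range(1, 14)]
)


def parse(line):
    """Return (timestamp, log_type, action) from one simplified line."""
    ts, log_type, _src, _dst, action = line.split(",")
    return (datetime.strptime(ts, "%Y/%m/%d %H:%M:%S").replace(tzinfo=timezone.utc),
            log_type, action)


def count_denied(lines, start, end):
    """Count TRAFFIC lines with action=deny whose timestamp lies in [start, end)."""
    n = 0
    for line in lines:
        ts, log_type, action = parse(line)
        if log_type == "TRAFFIC" and action == "deny" and start <= ts < end:
            n += 1
    return n


def compare_with_timeshift(lines, now=NOW, shift=WINDOW, periods=4, factor=5, min_count=0):
    """Compare the current window against the mean of `periods` earlier windows.

    A window with no denies counts as 0 (the isNull -> 0 step), so a quiet
    baseline does not make the comparison disappear. `min_count` is an extra
    floor: with a baseline of 0 any single deny would otherwise exceed 5 * 0."""
    current = count_denied(lines, now - shift, now)
    history = [count_denied(lines, now - (i + 1) * shift, now - i * shift)
               for i in range(1, periods + 1)]
    baseline = sum(history) / periods if periods else 0.0
    alert = current > factor * baseline and current >= min_count
    return {"count": current, "avg": baseline, "alert": alert}


if __name__ == "__main__":
    print(compare_with_timeshift(SAMPLE_LINES))
```

The `min_count` floor is the caveat the slide's query does not carry: once nulls are coerced to zero, a single denied packet after an hour of silence satisfies `_count > 5 * 0`, so a production alert should also require an absolute minimum.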
Security Certification: Hands-On Labs
Lab 5-8: Advanced Analytics
● Finding the needle in the haystack
● Comparing time periods
● Identifying Outliers
Security Analytics
Advanced Analytics
((_sourceCategory=Labs/PaloAltoNetworks ",THREAT,") or (_sourceCategory=Labs/PaloAltoNetworks ",TRAFFIC," action=allow))
| concat(dest_ip,":", dest_port) as destination
| transactionize src_ip (merge type, destination, src_ip takeFirst)
| where type matches "*TRAFFIC*" and type matches "*THREAT*"
| count src_ip, type, destination
| fields - _count
((_sourceCategory=Labs/security/snort "[Classification: Web Application Attack]") or _sourceCategory=Labs/Apache/Access)
| parse "{TCP} *:* -> *:*" as src_ip, src_port, dest_ip, dest_port nodrop
| parse regex "(?<src_ip>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})"
| transaction on src_ip
with states %"Labs/security/snort", %"Labs/Apache/Access" in _sourceCategory
| where %"Labs/security/snort">0 and %"Labs/Apache/Access">0
Transactionize ➜ Follow a Transaction
Transaction ➜ Correlate Traffic Data
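Both queries above do the same thing at heart: group events from two sources by `src_ip` and keep only the IPs that appear in both (a THREAT hit plus allowed TRAFFIC, or a Snort web-attack alert plus an Apache access). The Python below is an added example, not code from the deck or from Sumo Logic, that performs that correlation over constructed Snort and Apache lines. The Snort lines keep the `{TCP} a:b -> c:d` fragment the slide parses and the Apache lines follow the common log format; all addresses are made up. Note that Python spells a named group `(?P<name>...)` where the Sumo query uses `(?<name>...)`.

```python
"""Correlate IDS alerts with web access logs by source IP.

Added example, not from the Sumo Logic deck. `transaction()` is the generic
step behind both the transactionize and transaction queries: bucket events by
src_ip, count them per source, keep IPs present in every source.
"""
import re
from collections import defaultdict

IPV4 = re.compile(r"(?P<src_ip>\d{1,3}(?:\.\d{1,3}){3})")
SNORT_FLOW = re.compile(
    r"\{(?P<proto>TCP|UDP)\} (?P<src_ip>[\d.]+):(?P<src_port>\d+) -> (?P<dest_ip>[\d.]+):(?P<dest_port>\d+)")
WEB_ATTACK = "[Classification: Web Application Attack]"

# Constructed sample lines.
SNORT_LINES = [
    '[**] [1:1234:5] WEB-MISC /etc/passwd access [**] ' + WEB_ATTACK +
    ' {TCP} 198.51.100.23:51234 -> 10.0.0.8:80',
    '[**] [1:2345:1] SCAN nmap [**] [Classification: Attempted Recon]'
    ' {TCP} 198.51.100.99:44444 -> 10.0.0.8:22',
]
APACHE_LINES = [
    '198.51.100.23 - - [01/Oct/2018:12:00:01 +0000] "GET /../../etc/passwd HTTP/1.1" 404 209',
    '203.0.113.5 - - [01/Oct/2018:12:00:02 +0000] "GET /index.html HTTP/1.1" 200 512',
]


def parse_snort(line):
    """Extract the flow tuple from a Snort alert; None when the line has no flow."""
    m = SNORT_FLOW.search(line)
    if not m:
        return None
    return {"source": "snort", "src_ip": m["src_ip"],
            "dest": f'{m["dest_ip"]}:{m["dest_port"]}', "web_attack": WEB_ATTACK in line}


def parse_apache(line):
    """Client IP is the first field of a common-log-format line; None otherwise."""
    m = IPV4.match(line)
    return {"source": "apache", "src_ip": m["src_ip"]} if m else None


def transaction(events, states):
    """Group by src_ip, count events per state, keep IPs that reached every state."""
    by_ip = defaultdict(lambda: {s: 0 for s in states})
    for e in events:
        if e and e["source"] in states:
            by_ip[e["src_ip"]][e["source"]] += 1
    return {ip: c for ip, c in by_ip.items() if all(c[s] > 0 for s in states)}


def correlate_web_attacks(snort_lines, apache_lines):
    """IPs that triggered a Snort web-attack signature and also hit the web server."""
    events = [parse_snort(l) for l in snort_lines if WEB_ATTACK in l]
    events += [parse_apache(l) for l in apache_lines]
    return transaction(events, ("snort", "apache"))


if __name__ == "__main__":
    for ip, counts in correlate_web_attacks(SNORT_LINES, APACHE_LINES).items():
        print(ip, counts)
```

Filtering on the classification before grouping is deliberate: the recon alert from 198.51.100.99 never enters the transaction, so the output is only sources that both tripped a web-attack signature and reached the application.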
Security Certification: Hands-On Labs
Labs 9-14: Lookups and Data Correlation
● Using Threat Intel Lookup
● Creating Query Templates
● Creating Custom Lookups
● Correlating Data
○ Transaction
○ Transactionize
○ Subqueries
Security Analytics
Dashboards and Alerts
Monitoring your Data
Monitoring Your Data
Visualize your data through Dashboards
● Chart your Data
● Create Panels
● Share your Content!
Receive notification of your Critical Events
● Schedule Your Searches
● Use Webhook Connections to reach your audience
● Create Meaningful Alerts
Security Certification: Hands-On Labs
Labs 15-18: Visualizing and Monitoring
● Create a Dashboard
● Add Panels to an Existing Dashboard
● Create Meaningful Alerts
Security Analytics
Out-of-the-Box Content
Security and Compliance Apps
Security and Compliance Apps
● Simplify Compliance Management
● Set up Real-time monitoring and Alerts
● Security Analytics with Threat Intelligence
Apps: Palo Alto Networks
Discover threats, consumption, traffic patterns, and other security-driven issues, providing
additional insight for investigations.
Apps: AWS CloudTrail
Track user behavior patterns, administrator activity, or correlate with other data sets to
get a broader understanding of events from operating systems, intrusion detection
systems or application logs.
Apps: AWS VPC Flow Logs
Track your IP network traffic and troubleshoot security issues with real-time visibility and analysis of
your environment.
Apps: AWS GuardDuty
Detect unexpected and potentially malicious activities in your AWS account. Analyze threats by
severity, VPC, IP, account ID, region, and resource type. GuardDuty analyzes and processes VPC
Flow Logs and AWS CloudTrail event logs.
Apps: Threat Intelligence for AWS
Correlate CrowdStrike threat intelligence data with your AWS log data, for real-time security
analytics to detect threats and protect against cyber-attacks. The Threat Intel for AWS App scans
AWS CloudTrail, AWS ELB and AWS VPC Flow logs for threats based on IP address.
Apps: Threat Intelligence Quick Analysis
Correlate CrowdStrike threat intelligence data with your own log data, for real-time security
analytics to detect threats and protect against cyber-attacks. This app scans your selected logs for
threats based on IP, filename, URL, domain, Hash 256, and email.
Apps: CrowdStrike
Analyze CrowdStrike security events by type, status and detection method. The CrowdStrike
Falcon platform provides Endpoint Detection and Response, Antivirus and Threat Intelligence
services via the cloud.
Apps: O365
Monitor and analyze your complete Office 365 system for administrator and user activity. This app
monitors Audit logs for Azure Active Directory, Exchange and SharePoint.
Security Certification: Hands-On Labs
Labs 19-20: Sumo Logic Apps
● Installing AWS CloudTrail App
● Installing the Threat Intel App for OSSEC data
Using Sumo Logic
"How To" templates to implement in your Environment
Use Cases
General Use Cases
How to Create and Alert on Ratios or Percentages
● Outlier
How to Compare and Alert on Historical Data
● Compare and Outlier
Detect Patterns and Changes Across Environments and Time
● LogCompare
Visualize Trends in Your Signatures
● LogReduce and Timeslice
Security Use Cases
● Security Queries for PAN (Firewalls)
● Security Queries for AWS
● Security Queries for Linux
● Security Queries for Windows
Training, Docs, Community, Support
Where do I go from here?
Need knowledge? ⇨ try the Learn tab
● Explore the tutorials
● Access comprehensive lists of operators and more
● Every feature and tool covered in docs
● Find out What's New
● Find answers or post your questions to Community
● Attend/review training and get certified
● Open a Support case
Questions?
Security Labs
https://bit.ly/2MyZ7vi
To get credit for the exam, go to the Certification tab in YOUR OWN INSTANCE.
• Online Exam
• 30 Multiple choice questions
• 60-minute time limit
• 3 attempts
Security Certification: Security Analytics using Sumo Logic - Oct 2018

Welocme to ViralQR, your best QR code generator.
ViralQR
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 

Recently uploaded (20)

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 

Security Certification: Security Analytics using Sumo Logic - Oct 2018

  • 1. Become a Sumo Security User Security Certification
  • 2. Become a Sumo Security Power User (Sumo Logic Confidential)
    1. Learn How Security Analytics works for you
    2. Develop a Toolset for Basic and Advanced Analytics
    3. Monitor Trends & Critical Events
    4. Learn about Sumo’s Security and Compliance Apps
    5. Next steps: where do you go from here?
  • 3. Tutorial: Hands-on Exercises
    Training Environment:
    1. service.sumologic.com
    2. The username and password are on your handout
    Security Hands-on Labs:
    ● sumologic.com/learn/certifications
  • 4. Sumo Logic Security Analytics
    Real-time insights for streamlined Compliance and Security
    • Meet compliance deadlines
    • Reduce security risks
    • Identify potential security breaches
    • Neutralize new threat patterns
    • Transform reactive/manual processes into integrated/proactive/automated ones
    Automate Threat Detection
    • Detect threats across microservices, container services, cloud-based technology, operating systems, applications, storage devices, servers, workstations, and more.
  • 5. Examples of Security Use Cases
    • Monitor “Root” Logins
    • Monitor Multiple Failed Logins
    • Monitor Web Activity
    • Monitor Ingress/Egress Rules
    • Identify publicly exposed Security Groups (0.0.0.0/0 with <open port>)
    • Identify Services out of Compliance (no patches in “n” days)
    • Identify Application Threats (Libraries, Botnets, compromised credentials)
    • Monitor Malicious Threats and IOCs
    ➢ What’s your use case?
  • 6. Search and Parse: Filter and Provide Structure
  • 7. Search and Parse
    Search and Filter your data
    • _metadata
    • Keywords
    • Live Tail
    Parse fields to provide structure to your data
    • Query Parsing
    • Implement your Field Extraction Rules
  • 8. Security Certification: Hands-on Labs (Security Analytics). Labs 1-3: Search and Parse
    • Search Basics: Metadata and Keywords
    • Parsing Operators and Options
    • Grouping Results
    • Field Extraction Rules
  • 9. Simple Analytics: Conditional Logic, Filtering, Formatting Results
  • 10. Review ⇨ Query Syntax
    Syntax: metadata keywords and operators, separated by pipes, that build on top of each other:
      metadata keywords | parse | filter | aggregate | format
  • 11. Simple Analytics
    Aggregation | count | sum | avg | min() | max()
    Conditional | if() | matches | in() | filter | where
    Formatting  | transpose | fields | limit | sort by | top
  • 12. Cheat Sheet: Community > Learn Tab
  • 13. Security Certification: Hands-On Labs (Security Analytics). Lab 4A: Monitor AWS Root Account Usage
    Community > Query Library > Security-related Queries for AWS
  • 14. Query-building steps (slide diagram, in pipeline order):
    1. Filter using metadata and keywords
    2. Parse key fields
    3. Perform additional parsing on key fields; don’t drop messages that do not match the parse criteria (nodrop)
    4. Further filter results
    5. Aggregate by desired fields
  • 15. Security Certification: Hands-On Labs (Security Analytics). Lab 4B: Monitor Security Groups Created
    Community > Query Library > Security-related Queries for AWS
  • 16. Security Certification: Hands-On Labs (Security Analytics). Lab 4C: Monitor “Impossible Travel” scenario
    Community > Query Library > Security-related Queries for AWS
  • 17. Advanced Analytics: Outliers, Trends, Needle in the Haystack
  • 18. Advanced Analytics
    Find the “needle in the haystack” by identifying patterns. Compare today’s patterns with patterns in the past.
      _sourceCategory=Labs/security/snort | logreduce
      _sourceCategory=Labs/security/snort | logcompare -24h
    LogReduce ➜ New security attacks/breaches.
    LogCompare ➜ Compare attacks/breaches to other time periods.
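A plain-Python approximation of what the two queries above do, added here as an example (it is not Sumo Logic code; the signature rule and the two sample windows are constructed). LogReduce collapses messages that differ only in variable tokens into one signature and counts them; LogCompare runs the same clustering on a second time window and reports which signatures are new, gone, or changed in volume:

```python
"""Signature clustering and time-window comparison over constructed Snort-style alerts.

Added example, not Sumo Logic code: a small stand-in for what the slide's `logreduce`
and `logcompare -24h` stages do, so the idea can be inspected offline. Both windows
below are constructed sample lines, not real captures.
"""
import re
from collections import Counter

# Constructed "yesterday" window (the logcompare baseline).
BASELINE_WINDOW = [
    "[1:2019401:3] ET WEB_SERVER SQL injection attempt [Classification: Web Application Attack] {TCP} 203.0.113.5:44312 -> 10.0.0.7:80",
    "[1:2019401:3] ET WEB_SERVER SQL injection attempt [Classification: Web Application Attack] {TCP} 203.0.113.6:44999 -> 10.0.0.7:80",
    "[1:2100498:7] GPL ATTACK_RESPONSE id check returned root [Classification: Potentially Bad Traffic] {TCP} 10.0.0.7:80 -> 203.0.113.5:44312",
]
# Constructed "today" window: one familiar signature plus a burst of a new one.
CURRENT_WINDOW = [
    "[1:2019401:3] ET WEB_SERVER SQL injection attempt [Classification: Web Application Attack] {TCP} 198.51.100.9:51000 -> 10.0.0.7:80",
    "[1:2025019:2] ET SCAN Nmap Scripting Engine User-Agent Detected [Classification: Web Application Attack] {TCP} 198.51.100.9:51001 -> 10.0.0.7:80",
    "[1:2025019:2] ET SCAN Nmap Scripting Engine User-Agent Detected [Classification: Web Application Attack] {TCP} 198.51.100.9:51002 -> 10.0.0.7:80",
    "[1:2025019:2] ET SCAN Nmap Scripting Engine User-Agent Detected [Classification: Web Application Attack] {TCP} 198.51.100.9:51003 -> 10.0.0.7:80",
]

IP_PORT = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}:\d+\b")
NUMBER = re.compile(r"\b\d+\b")


def signature(line: str) -> str:
    """Collapse the variable tokens (IP:port pairs, then any bare number such as the
    Snort SID fields) to '*', so lines that differ only in those values share one
    signature. Deliberately simpler than LogReduce's own clustering (assumption)."""
    return NUMBER.sub("*", IP_PORT.sub("*", line))


def reduce_logs(lines):
    """LogReduce-style: how many lines fall under each signature."""
    return Counter(signature(line) for line in lines)


def compare_logs(current, baseline):
    """LogCompare-style: for every signature in either window return
    (baseline_count, current_count, status), status being one of
    'new', 'gone', 'changed', 'unchanged'."""
    now, then = reduce_logs(current), reduce_logs(baseline)
    report = {}
    for sig in set(now) | set(then):
        b, c = then.get(sig, 0), now.get(sig, 0)
        if b == 0:
            status = "new"
        elif c == 0:
            status = "gone"
        else:
            status = "changed" if b != c else "unchanged"
        report[sig] = (b, c, status)
    return report


def new_signatures(current, baseline):
    """What an analyst looks at first: signatures present now but absent from the baseline."""
    return sorted(sig for sig, (_, _, status) in compare_logs(current, baseline).items()
                  if status == "new")


if __name__ == "__main__":
    for sig, (b, c, status) in sorted(compare_logs(CURRENT_WINDOW, BASELINE_WINDOW).items()):
        print(f"{status:9s} baseline={b} current={c}  {sig}")
```

The point to take from it: the "new" bucket is small and reviewable even when the raw alert volume is not, which is why the slide pairs LogReduce with a comparison window rather than reading today's alerts on their own.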
  • 19. Advanced Analytics
    Outlier ➜ Anomalies in number of Failed Logins
      _sourceCategory=Labs/AWS/CloudTrail
      | parse "\"eventName\":\"*\"" as eventName nodrop
      | parse "\"responseElements\":{\"ConsoleLogin\":\"*\"}" as loginResult nodrop
      | where eventName="ConsoleLogin" and loginResult="Failure"
      | timeslice 30m
      | count(eventName) as failed_login_attempts by _timeslice
      | outlier failed_login_attempts
    Predict ➜ Traffic from a Rogue Country/State
      _sourceCategory=Labs/security/Proofpoint and Mexico
      | timeslice 5m
      | count as rogue_traffic by _timeslice
      | predict rogue_traffic by 5m forecast=12
  • 20. Advanced Analytics
    Time Compare ➜ Identify a 5-fold increase in Denied Traffic
      _sourceCategory=Labs/PaloAltoNetworks and ",TRAFFIC,"
      | where action="deny"
      | count action
      | compare with timeshift 15m 4 avg
      | if(isNull(_count), 0, _count) as _count
      | if(isNull(_count_60m_avg), 0, _count_60m_avg) as _count_60m_avg
      | where _count>(5 * _count_60m_avg)
    Geo Lookup ➜ Traffic Destinations outside the US
      _sourceCategory=Labs/PaloAltoNetworks and ",TRAFFIC,"
      | lookup latitude, longitude, country_code, country_name, city from geo://location on ip=dest_ip
      | where country_code<>"US"
      | count by latitude, longitude, country_code, country_name, city
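The outlier query on slide 19 and the time-compare query on slide 20 are the same shape: the filter / parse (nodrop) / where / timeslice / count pipeline from slide 14, followed by a threshold on the per-bucket counts. The following is an added example in plain Python, not Sumo Logic code, that reproduces both thresholds over constructed events so the arithmetic is visible; the CloudTrail-like records, the PAN (timestamp, action) pairs, the 2018-10-01 timestamps and the 3-sigma outlier rule are all assumptions:

```python
"""Timeslice-and-threshold detections over constructed events.

Added example, not Sumo Logic code: slide 19 (30-minute timeslice + `outlier` on failed
ConsoleLogin events) and slide 20 (15-minute timeslice + `compare with timeshift 15m 4 avg`
with a 5x threshold on denied firewall traffic) in plain Python. The events, the
3-sigma rule and the timestamps are constructed assumptions.
"""
import json
import statistics
from collections import Counter
from datetime import datetime, timedelta, timezone

UTC = timezone.utc


def at_time(hour, minute):
    """Constructed timestamp on a fixed day, used to build the sample data."""
    return datetime(2018, 10, 1, hour, minute, tzinfo=UTC)


def timeslice(ts, minutes):
    """Floor ts to the start of its N-minute bucket (what `timeslice Nm` does)."""
    midnight = ts.replace(hour=0, minute=0, second=0, microsecond=0)
    bucket = int((ts - midnight).total_seconds() // (minutes * 60))
    return midnight + timedelta(minutes=minutes * bucket)


def count_by_timeslice(timestamps, minutes):
    """`| timeslice Nm | count by _timeslice` as a Counter keyed by bucket start."""
    return Counter(timeslice(ts, minutes) for ts in timestamps)


# ---- slide 19: failed console logins per 30m, flag the outlier bucket ----------------
def cloudtrail_line(event_time, result="Failure", name="ConsoleLogin"):
    """Constructed CloudTrail-like JSON record (only the fields the query touches)."""
    return json.dumps({"eventTime": event_time, "eventName": name,
                       "responseElements": {"ConsoleLogin": result}})


CLOUDTRAIL_LINES = (
    [cloudtrail_line("2018-10-01T00:05:00Z"), cloudtrail_line("2018-10-01T00:40:00Z"),
     cloudtrail_line("2018-10-01T00:50:00Z"), cloudtrail_line("2018-10-01T01:10:00Z"),
     cloudtrail_line("2018-10-01T01:35:00Z"), cloudtrail_line("2018-10-01T01:50:00Z"),
     cloudtrail_line("2018-10-01T02:40:00Z"),
     cloudtrail_line("2018-10-01T01:12:00Z", result="Success"),          # dropped by `where`
     cloudtrail_line("2018-10-01T01:13:00Z", name="DescribeInstances")]  # dropped by `where`
    + [cloudtrail_line("2018-10-01T02:%02d:00Z" % m) for m in range(0, 27, 3)]  # 9 in 02:00 bucket
    + ["not json at all"]  # the nodrop parses keep it, but it has no fields, so `where` drops it
)


def failed_console_logins(lines):
    """The two `parse ... nodrop` steps plus the `where`: timestamps of failed logins."""
    hits = []
    for line in lines:
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue
        if ev.get("eventName") != "ConsoleLogin":
            continue
        if ev.get("responseElements", {}).get("ConsoleLogin") != "Failure":
            continue
        hits.append(datetime.fromisoformat(ev["eventTime"].replace("Z", "+00:00")))
    return hits


def outlier_buckets(counts, sigma=3.0):
    """Buckets whose count exceeds mean + sigma*stdev of all the other buckets. Sumo's
    `outlier` uses a rolling window and its own threshold; this whole-series rule is
    the stand-in (assumption)."""
    flagged = []
    for bucket, n in sorted(counts.items()):
        others = [v for k, v in counts.items() if k != bucket]
        if len(others) < 2:
            continue
        if n > statistics.mean(others) + sigma * statistics.pstdev(others):
            flagged.append((bucket, n))
    return flagged


# ---- slide 20: denied traffic vs. the average of the previous four 15m windows --------
PAN_EVENTS = (  # constructed (timestamp, action) pairs standing in for PAN TRAFFIC rows
    [(at_time(9, 2), "deny"), (at_time(9, 9), "deny"), (at_time(9, 20), "deny"),
     (at_time(9, 33), "allow"), (at_time(9, 50), "deny"), (at_time(9, 55), "allow")]
    + [(at_time(10, 0) + timedelta(seconds=20 * i), "deny") for i in range(30)]
)


def deny_counts(events, minutes=15):
    """`| where action="deny" | timeslice 15m | count by _timeslice`."""
    return count_by_timeslice([ts for ts, action in events if action == "deny"], minutes)


def denied_vs_baseline(counts, current_slice, shift_minutes=15, shifts=4, factor=5):
    """Return (current, baseline_avg, alert) for one bucket. Mirrors
    `compare with timeshift 15m 4 avg | where _count > 5 * _count_60m_avg`; a missing
    window counts as 0, which is what the slide's isNull() guards arrange."""
    current = counts.get(current_slice, 0)
    past = [counts.get(current_slice - timedelta(minutes=shift_minutes * i), 0)
            for i in range(1, shifts + 1)]
    baseline = sum(past) / shifts
    return current, baseline, current > factor * baseline


if __name__ == "__main__":
    print("failed-login outliers:",
          outlier_buckets(count_by_timeslice(failed_console_logins(CLOUDTRAIL_LINES), 30)))
    print("denied traffic at 10:00:", denied_vs_baseline(deny_counts(PAN_EVENTS), at_time(10, 0)))
```

Two details carry over to the real queries: the `nodrop` parses keep malformed or unrelated records in the stream and it is the `where` that discards them, and the `isNull()` guards matter because a quiet baseline window is absent rather than zero, which would otherwise make the comparison null and silently suppress the alert.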
  • 21. Security Certification: Hands-On Labs (Security Analytics). Labs 5-8: Advanced Analytics
    ● Finding the needle in the haystack
    ● Comparing time periods
    ● Identifying Outliers
  • 22. Advanced Analytics
    Transactionize ➜ Follow a Transaction
      ((_sourceCategory=Labs/PaloAltoNetworks ",THREAT,") or (_sourceCategory=Labs/PaloAltoNetworks ",TRAFFIC," action=allow))
      | concat(dest_ip, ":", dest_port) as destination
      | transactionize src_ip (merge type, destination, src_ip takeFirst)
      | where type matches "*TRAFFIC*" and type matches "*THREAT*"
      | count src_ip, type, destination
      | fields - _count
    Transaction ➜ Correlate Traffic Data
      ((_sourceCategory=Labs/security/snort "[Classification: Web Application Attack]") or _sourceCategory=Labs/Apache/Access)
      | parse "{TCP} *:* -> *:*" as src_ip, src_port, dest_ip, dest_port nodrop
      | parse regex "(?<src_ip>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})"
      | transaction on src_ip with states %"Labs/security/snort", %"Labs/Apache/Access" in _sourceCategory
      | where %"Labs/security/snort">0 and %"Labs/Apache/Access">0
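The second query above joins two sources on a shared key and keeps only keys seen in both. The following is an added example in plain Python (not Sumo Logic code) that reproduces that correlation over constructed Snort and Apache lines; the sample lines, the helper names and the assumption that the Apache client address is the first IPv4 literal on the line are all constructed:

```python
"""Correlating two log sources on a shared key.

Added example, not Sumo Logic code: the second query on the slide (Snort web-attack
alerts and Apache access lines joined on src_ip via `transaction`) reproduced in plain
Python. All lines below are constructed samples, not real captures.
"""
import re
from collections import defaultdict

# The slide's "{TCP} *:* -> *:*" parse, as a regex.
SNORT_ALERT = re.compile(r"\{TCP\} (\d{1,3}(?:\.\d{1,3}){3}):\d+ -> (\d{1,3}(?:\.\d{1,3}){3}):\d+")
# The slide's `parse regex`, with its backslashes restored: the first IPv4 literal.
IPV4 = re.compile(r"\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}")
WEB_ATTACK = "[Classification: Web Application Attack]"

SNORT_LINES = [  # constructed
    "10/01-14:02:11.000000 [**] [1:2019401:3] ET WEB_SERVER SQL injection attempt [**] "
    "[Classification: Web Application Attack] [Priority: 1] {TCP} 203.0.113.5:44312 -> 10.0.0.7:80",
    "10/01-14:02:40.000000 [**] [1:2025019:2] ET SCAN Nmap Scripting Engine User-Agent Detected [**] "
    "[Classification: Web Application Attack] [Priority: 2] {TCP} 198.51.100.9:51000 -> 10.0.0.7:80",
    "10/01-14:03:05.000000 [**] [1:2100498:7] GPL ATTACK_RESPONSE id check returned root [**] "
    "[Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 10.0.0.7:80 -> 192.0.2.77:40001",
]
APACHE_LINES = [  # constructed, common log format
    '203.0.113.5 - - [01/Oct/2018:14:02:12 +0000] "GET /login.php?user=admin HTTP/1.1" 200 512',
    '203.0.113.5 - - [01/Oct/2018:14:02:13 +0000] "GET /admin/ HTTP/1.1" 302 0',
    '192.0.2.44 - - [01/Oct/2018:14:02:30 +0000] "GET /index.html HTTP/1.1" 200 2048',
    "this line carries no address at all",
]


def web_attack_alerts(snort_lines):
    """The keyword filter on the Snort side of the OR."""
    return [line for line in snort_lines if WEB_ATTACK in line]


def src_ip_of(line):
    """Try the Snort '{TCP} src:port -> dst:port' shape first (the nodrop parse), then
    the first IPv4 literal in the message. None means the `parse regex` step, which has
    no nodrop, would drop the line."""
    m = SNORT_ALERT.search(line)
    if m:
        return m.group(1)
    m = IPV4.search(line)
    return m.group(0) if m else None


def transaction_by_src_ip(snort_lines, apache_lines):
    """`transaction on src_ip with states snort, apache in _sourceCategory`:
    per source IP, how many lines each source contributed."""
    states = defaultdict(lambda: {"snort": 0, "apache": 0})
    for source, lines in (("snort", snort_lines), ("apache", apache_lines)):
        for line in lines:
            ip = src_ip_of(line)
            if ip is not None:
                states[ip][source] += 1
    return dict(states)


def correlated_sources(snort_lines, apache_lines):
    """The final `where`: IPs that raised a web-attack alert AND appear in the access log."""
    states = transaction_by_src_ip(web_attack_alerts(snort_lines), apache_lines)
    return sorted(ip for ip, s in states.items() if s["snort"] > 0 and s["apache"] > 0)


if __name__ == "__main__":
    print(correlated_sources(SNORT_LINES, APACHE_LINES))
```

The order of the two parse steps matters in the real query as well: the `{TCP}` parse carries `nodrop` so Apache lines survive it, while the regex parse has none, so anything without an IPv4 literal leaves the stream before the transaction is built. An alert whose source never reached the web server (198.51.100.9 above) shows up with an Apache count of zero and is exactly what the closing `where` removes.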
  • 23. Security Certification: Hands-On Labs (Security Analytics). Labs 9-14: Lookups and Data Correlation
    ● Using Threat Intel Lookup
    ● Creating Query Templates
    ● Creating Custom Lookups
    ● Correlating Data
      ○ Transaction
      ○ Transactionize
      ○ Subqueries
  • 24. Monitoring your Data: Dashboards and Alerts
  • 25. Monitoring Your Data
    Visualize your data through Dashboards
    ● Chart your Data
    ● Create Panels
    ● Share your Content!
    Receive notification of your Critical Events
    ● Schedule Your Searches
    ● Use Webhook Connections to reach your audience
    ● Create Meaningful Alerts
  • 26. Security Certification: Hands-On Labs (Security Analytics). Labs 15-18: Visualizing and Monitoring
    ● Create a Dashboard
    ● Add Panels to an Existing Dashboard
    ● Create Meaningful Alerts
  • 27. Security and Compliance Apps: Out-of-the-Box Content
  • 28. Security and Compliance Apps
    ● Simplify Compliance Management
    ● Set up Real-time monitoring and Alerts
    ● Security Analytics with Threat Intelligence
  • 29. Apps: Palo Alto Networks. Discover threats, consumption, traffic patterns, and other security-driven issues, providing additional insight for investigations.
  • 30. Apps: AWS CloudTrail. Track user behavior patterns and administrator activity, or correlate with other data sets to get a broader understanding of events from operating systems, intrusion detection systems or application logs.
  • 31. Apps: AWS VPC Flow Logs. Track your IP network traffic and troubleshoot security issues with real-time visibility and analysis of your environment.
  • 32. Apps: AWS GuardDuty. Detect unexpected and potentially malicious activities in your AWS account. Analyze threats by severity, VPC, IP, account ID, region, and resource type. GuardDuty analyzes and processes VPC Flow Logs and AWS CloudTrail event logs.
  • 33. Apps: Threat Intelligence for AWS. Correlate CrowdStrike threat intelligence data with your AWS log data for real-time security analytics to detect threats and protect against cyber-attacks. The Threat Intel for AWS App scans AWS CloudTrail, AWS ELB and AWS VPC Flow logs for threats based on IP address.
  • 34. Apps: Threat Intelligence Quick Analysis. Correlate CrowdStrike threat intelligence data with your own log data for real-time security analytics to detect threats and protect against cyber-attacks. This app scans your selected logs for threats based on IP, filename, URL, domain, SHA-256 hash, and email.
  • 35. Apps: CrowdStrike. Analyze CrowdStrike security events by type, status and detection method. The CrowdStrike Falcon platform provides Endpoint Detection and Response, Antivirus and Threat Intelligence services via the cloud.
  • 36. Apps: O365. Monitor and analyze your complete Office 365 system for administrator and user activity. This app monitors Audit logs for Azure Active Directory, Exchange and SharePoint.
  • 37. Security Certification: Hands-On Labs (Using Sumo Logic). Labs 19-20: Sumo Logic Apps
    ● Installing the AWS CloudTrail App
    ● Installing the Threat Intel App for OSSEC data
  • 38. Use Cases: “How To” templates to implement in your Environment
  • 39. General Use Cases
    How to Create and Alert on Ratios or Percentages
      ● Outlier
    How to Compare and Alert on Historical Data
      ● Compare and Outlier
    Detect Patterns and Changes Across Environments and Time
      ● LogCompare
    Visualize Trends in Your Signatures
      ● LogReduce and Timeslice
  • 40. Security Use Cases
    ● Security Queries for PAN (Firewalls)
    ● Security Queries for AWS
    ● Security Queries for Linux
    ● Security Queries for Windows
  • 41. Where do I go from here? Training, Docs, Community, Support
  • 42-49. Need knowledge? ⇨ try the Learn tab (the list is built up one item per slide)
    • Explore the tutorials
    • Access comprehensive lists of operators and more
    • Every feature and tool covered in docs
    • Find out What’s New
    • Find answers or post your questions to Community
    • Attend/review training and get certified
    • Open a Support case
  • 52. In order to get credit for the exam, in YOUR OWN INSTANCE, go to the Certification tab.
    • Online Exam
    • 30 Multiple choice questions
    • 60-minute time limit
    • 3 attempts